The United States carried out a rigorous followup with key Canadian military intelligence centres in the wake of a navy spy scandal to ensure new, stricter security protocols had been enacted, say multiple defence and intelligence sources.
American liaison officers on both the Pacific and Atlantic coasts were asked to verify that enhanced compliance and accountability measures for the handling of shared intelligence were in place and working, said a military source.
The Harper government has acknowledged that security fixes were underway as a result of the Jeffrey Delisle case, but the scope of U.S. direction startled Wesley Wark, a visiting professor at the University of Ottawa's graduate school of public and international affairs.
"As far as I'm aware, that is the first time in the history of Canada's allied relationships on the intelligence front that we've ever been faced with that kind of stringent requirement and deadline to fix things," Wark said in an interview.
"Perhaps the Americans didn't quite trust the Canadians to come up with a sufficient security fix, sufficiently quickly."
The increased oversight comes as a result of lapses that allowed former sub-lieutenant Jeffrey Delisle, 42, to use a floppy disk and thumb drive to copy and smuggle top secret information out of a Halifax intelligence centre known as Trinity.
The Canadian Press revealed this week that the Canadian Security Intelligence Service had Delisle under surveillance for months in 2011 before the RCMP stepped in to build a criminal case. During that period, CSIS was aware of the classified secrets — including the precise content of documents — that Delisle routinely provided to Moscow.
Much of what Delisle, a junior naval officer, gave to the Russians was extremely sensitive U.S. intelligence, sources said.
During question period in the House of Commons on Monday, Public Safety Minister Vic Toews said that he does not comment on operational matters of national security and his office doesn't get involved in investigative matters.
"However, what I can say is that the conclusions drawn in that story are totally incorrect," the minister said. "Information is shared between law enforcement agencies in accordance with Canadian law."
System 'failed abysmally'
"I think Canada has got to take its lumps on this," Wark said. "Our security system failed and failed abysmally."
Delisle, arrested in January 2012 by the RCMP, was sentenced to 20 years in prison after pleading guilty to passing classified material to Russia in exchange for cash on a regular basis for more than four years.
"It is embarrassing," said the high-level military source, who had knowledge of the U.S. instructions but requested anonymity because they were not authorized to speak publicly about the matter.
The Conservative government has not explained what specific action it has taken to beef up security at National Defence, nor how Delisle's crumbling personal life escaped the notice of investigators whose job it was to review the spy's security clearance. Financial problems, emotional upheaval or other such difficulties in one's private life may be red flags for those who decide whether an officer can continue to be trusted.
Delisle had access to classified information shared by allies known as the Five Eyes — Canada, Britain, the United States, Australia and New Zealand.
The junior officer handled intelligence "that he had absolutely no need to see," said another source familiar with the case.
"It caused everybody in the Five Eyes to examine the type of security at every one of the terminals where they have access to Five Eye information," said the source, who also requested anonymity because they were not authorized to discuss the case publicly.
New controls now in place
At some allied facilities, it is impossible to use removable devices on individual terminals. And when staff in those centres try to send something externally via the Internet — or even copy, cut, paste or print from the classified terminal — warning bells go off, immediately alerting information-technology security officials.
Such protocols were not present in Delisle's workplace, said the source.
Senior Canadian defence officials, who would speak only on background, acknowledged the introduction of more stringent controls over the downloading and printing of classified information from the data bank called Stone Ghost — where the Five Eyes allies share their most closely held information.
"It doesn't shock me that people can walk out of a federal building with a thumb drive in their hand, or their pocket," one source said.
"What disturbs me is that the terminal with the most sensitive, top secret information on it was not disabled and blocked from downloading to a removable device."
The new restrictions and beefed-up enforcement of existing guidelines — at both Trinity and a similar intelligence centre known as Athena in Esquimalt, B.C. — were among the primary changes made by the Canadian military, sources said.
The Americans have since been trying to determine whether the improvements are adequate.
"It's embarrassing, yes. Some people may be feeling a bit peeved or put out — fair enough," said Jez Littlewood, an assistant professor at Carleton University's Norman Paterson School of International Affairs in Ottawa.
"But ultimately you have to rectify these mistakes, and they have to be rectified in a way that meets the concerns of what is fundamentally our key intelligence ally."
Security check failed to see motive
Delisle's top secret-level security clearance was up for renewal months before he transferred to Halifax in 2011, prompting questions about whether such a check would have uncovered the fact he had experienced financial and marital problems.
John Adams, the former head of Canada's ultra-secret electronic eavesdropping agency, the Communications Security Establishment, said in the age of thumb drives the key to preventing treachery is rigorous screening.
"The worst threat is an insider threat," Adams said when asked about the Delisle case at a recent conference.
"So, first of all, keep them out if you can and if you've got 'em in, watch 'em. You can't ever take your eye off them, particularly in sensitive locations like that.
"I can put 20 gigabytes of information in my shirt pocket. I'm a trusted guy. How are you going to stop me? It's tough. You've got to be sure they're clean when they come in and they stay that way when they're there. There's no other way. It's not magic. You can't inspect them coming in and going out, it would take you forever."
If a person's security clearance expires, they are allowed to continue working with classified material unless there's a particular reason to suspend access, then-CSIS director Dick Fadden told a Senate committee earlier this year.
Fadden said he had been working with deputy ministers to tighten electronic and physical security procedures, as well as in the area of security clearances. "In virtually every instance, there has been — or there is in the process of being — some tightening up."
Fadden is now the deputy minister of defence.
U.S. National Intelligence Director James Clapper has said the Americans are working to tag classified information in a way that would allow them to determine who shares it.
American officials also want to strip secret information of the sensitive methods used to gather it, which would enable an agency to share data without revealing, for instance, it was collected through a satellite intercept, Clapper said.